Gringo Suave's questions

I've written a web-application to run on Windows (XP,7,2008, etc), not using MS tools (python/django/nginx, though it should not matter). To run the app I've created a Windows Service which installs and runs fine.

However, the application will run in an environment where security is important. By default the service installs itself running under the Local System account, which I understand has full control of the computer. Doesn't sound like a good idea.

I've also seen Network Service used but descriptions tend to talk about domains and such. This app uses the network and is running on Windows, but doesn't talk "Windows" much if at all. It is self contained and keeps its data in the "common app data folder" aka ...\All Users\Application Data though.

Should I use Network Service? Should I create my own account? On unix I would, but not sure of the "gotchas" on Windows. Would be easier to use an existing account.

I'm using celery 2.5.1 with django on a micro ec2 instance with 613mb memory and as such have to keep memory consumption down.

Currently I'm using it only for the scheduler "celery beat" as a web interface to cron, though I hope to use it for more in the future. I've noticed it is the biggest consumer of memory on my micro machine even though I have configured the number of workers to one. I don't have many other options set in settings.py:

import djcelery
djcelery.setup_loader()
BROKER_BACKEND = 'djkombu.transport.DatabaseTransport'
CELERYBEAT_SCHEDULER = 'djcelery.schedulers.DatabaseScheduler'
CELERY_RESULT_BACKEND = 'database'

BROKER_POOL_LIMIT = 2
CELERYD_CONCURRENCY = 1
CELERY_DISABLE_RATE_LIMITS = True
CELERYD_MAX_TASKS_PER_CHILD = 20
CELERYD_SOFT_TASK_TIME_LIMIT = 5 * 60
CELERYD_TASK_TIME_LIMIT = 6 * 60

Here's the details via top:

 PID USER  NI CPU%  VIRT   SHR  RES  MEM% Command 
1065 wuser 10  0.0  283M  4548  85m  14.3 python manage_prod.py celeryd --beat
1025 wuser 10  1.0  577M  6368  67m  11.2 python manage_prod.py celeryd --beat
1071 wuser 10  0.0  578M  2384  62m  10.6 python manage_prod.py celeryd --beat

That's about 214mb of memory (and not much shared) to run a cron job occasionally. Have I done anything wrong, or can this be reduced about ten-fold somehow? ;)

Update: here's my upstart config:

description "Celery Daemon"

start on (net-device-up and local-filesystems)
stop on runlevel [016]
nice 10
respawn
respawn limit 5 10
chdir /home/wuser/wuser/
env CELERYD_OPTS=--concurrency=1

exec sudo -u wuser -H /usr/bin/python manage_prod.py celeryd --beat --concurrency=1 --loglevel info --logfile /var/tmp/celeryd.log

Update 2:

I notice there is one root process, one user child process, and two grandchildren from that. So I think it isn't a matter of duplicate startup.

root  34580  1556 sudo -u wuser -H /usr/bin/python manage_prod.py celeryd 
wuser  577M 67548 └─ python manage_prod.py celeryd --beat --concurrency=1 
wuser  578M 63784    ├─  python manage_prod.py celeryd --beat --concurrency=1
wuser  271M 76260    └─  python manage_prod.py celeryd --beat --concurrency=1

I'm using Postgres 9.X on a recent Ubuntu (Debian) Server and have been searching for maintenance script examples and unfortunately come up empty.

The Postgres docs are comprehensive on the abstract subject of maintenance -- Its databases should periodically be:

• vacuumed / analyzed (+autovacuum)
• reindexed
• clustered?
• logs rotated

Unfortunately the docs don't get to a concrete example, perhaps because of the many variables involved. Still, I'd appreciate an example of a baseline maintenance script:

• One for a small (both size & usage) database that expects to grow over the next few years.
• A bit of scheduled downtime is fine. For example, once a week, client apps will shut down for a while so postgres can do its thing.

I've started with this, please help to improve it:

#!/bin/bash
# this script maintains a Postgres Database Cluster
# set any needed env vars:
# PGDATABASE, PGUSER, PGPASSWORD, PGHOST, PGPORT, etc.

read -p "Press ENTER to stop Postgres Clients, start maintenance..."

sudo stop websrvr1
sudo stop websrvr2
sleep 2

echo -e "\nStarting backup ..."
# another script for another question

echo -e "\nStarting maintenance ..."

# What is the best order for these?
sudo -u postgres reindexdb --all --system
sudo -u postgres clusterdb --all
sudo -u postgres vacuumdb  --all --analyze  # --full # warned against

# log rotation?  Supposed to be handled automatically, 
# but I not yet seen more than one log file.

echo Complete.  Type ... to start services.

I need to retrieve the hardware serial numbers from a set of new HP mini desktops that need provisioning.

This worked in the past using a WSH script to query it via WMI. Unfortunately, the newer models no longer contain a BIOS but rather come with EFI instead. All known ways of querying the information no longer work.

I've googled the subject quite a bit but all the answers I found recommend the ineffective method above. Can anyone help? I need a solution that will work with XP (embedded) if it makes a difference.